FundApps SSO Connection - Azure AD
Updated over 2 weeks ago

Client Secret Expiration

Azure AD connections require a Client Secret that you create in your organisation’s Azure AD. This credential will expire after a maximum of 24 months.

When the Client Secret expires, your SSO connection to the FundApps platform will stop working. Therefore, we recommend using this connection only if you will monitor the expiration of the Client Secret you created.

If your secret has expired, please refer to this article.
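One way to monitor the expiry, as an added example that is not FundApps' or Microsoft's own code: export the app registration with `az ad app show --id <client-id>` and check the secret's `endDateTime` on a schedule. It assumes you recorded the Secret ID (Graph `keyId`) of the secret entered in FundApps; the sample JSON, the function names and the 60-day warning window are constructed for illustration.

```python
import json
import re
from datetime import datetime, timedelta, timezone

# Constructed sample of the application object that
# `az ad app show --id <client-id>` prints; ids, names and dates are made up.
SAMPLE_APP_JSON = """
{
  "appId": "00000000-0000-0000-0000-000000000000",
  "displayName": "FundApps SSO (sample)",
  "passwordCredentials": [
    {"keyId": "11111111-1111-1111-1111-111111111111", "displayName": "sso-old",
     "endDateTime": "2025-03-01T09:30:00Z"},
    {"keyId": "22222222-2222-2222-2222-222222222222", "displayName": "sso-new",
     "endDateTime": "2026-02-10T09:30:00.1234567Z"}
  ]
}
"""

def parse_graph_time(value):
    """Parse a Graph UTC timestamp; fractional seconds (up to 7 digits) are dropped."""
    m = re.fullmatch(r"(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})(?:\.\d+)?(?:Z|\+00:00)", value)
    if not m:
        raise ValueError(f"unexpected timestamp: {value!r}")
    return datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def secret_status(app, key_id, now, warn_days=60):
    """Return (state, days_left) for the secret whose Secret ID is key_id."""
    for cred in app.get("passwordCredentials", []):
        if cred["keyId"].lower() == key_id.lower():
            days_left = (parse_graph_time(cred["endDateTime"]) - now) // timedelta(days=1)
            if days_left < 0:
                return "EXPIRED", days_left
            return ("WARN" if days_left <= warn_days else "OK"), days_left
    # The secret was deleted from the app registration: SSO fails as it does on expiry.
    return "MISSING", None

if __name__ == "__main__":
    app = json.loads(SAMPLE_APP_JSON)
    state, days = secret_status(app, "22222222-2222-2222-2222-222222222222",
                                datetime.now(timezone.utc))
    print(f"{app['displayName']}: {state} (days left: {days})")
    raise SystemExit(0 if state == "OK" else 1)  # non-zero exit lets a scheduler alert
```

Checking one specific Secret ID matters because expired secrets stay listed on the app registration until deleted, and a newer secret only helps once it has been entered in the FundApps SSO Portal.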

Azure Application Registration

  1. Sign in to the Azure portal using an account with administrator permission. You must use an account in the same Microsoft 365 subscription (tenant) as you intend to register the app with. You can also access the Azure portal through the Microsoft 365 Admin center by expanding the Admin centers item in the left navigation pane, and selecting Azure Active Directory.

    Note: If you don't have an Azure tenant (account) or you do have one but your Microsoft 365 subscription with Dataverse is not available in your Azure subscription, follow the instructions in the topic Set up Azure Active Directory access for your Developer Site to associate the two accounts. If you don't have an account, you can sign up for one by using a credit card. However, the account is free for application registration and your credit card won't be charged if you only follow the procedures called out in this topic to register one or more apps. More information: Active Directory Pricing Details

  2. Navigate to Azure AD and make a note of the Primary Domain (1) from Azure AD Overview tab:

  3. In the Azure portal, select Azure Active Directory in the left pane, select App Registrations, and click on New Registration.

  4. In the Register an application page, enter your application's registration information:

    • In the Name section, enter a meaningful application name that will be displayed to the users.

    • Select the organisation directory that houses the users you want to grant access to FundApps.

    • Set the Redirect URI type to Web and provide this URI: https://auth.fundapps.co/login/callback

    • Click on Register to create the application.

  5. On the app Overview page, hover over the Application (client) ID value, and select the Copy to clipboard icon to copy the value. You'll need to provide this value in the FundApps portal.

  6. Select the API permissions tab and click on Add a permission. Choose Microsoft Graph > Delegated Permissions > User.Read.

This completes the registration of your application in Azure Active Directory.

Create SSO Connection in FundApps platform

  1. Log in to Azure AD.

  2. Make a note of the Primary Domain (1) from the Azure AD Overview tab:

  3. In the sidebar, navigate to App Registrations

  4. Select your FundApps Application from the list

  5. Make a note of the Client ID (2) and Secret (3)

  6. Enter the three details into the FundApps SSO Portal

  7. Click Create to set up the SSO Connection.

Configure IdP-Initiated Login (Optional)

  1. Navigate to the SSO page for your tenant, i.e. {tenantName}.fundapps.co/sso

  2. Click the blue Settings button to the right of the connection name you wish to edit.

  3. Once in the edit modal, make a note of the value in the IdP-Initiated Login URL field.

  4. Sign into your Azure Portal.

  5. Navigate to App Registrations and select your application.

  6. Navigate to the Branding & properties tab.

  7. Fill in the Homepage URL using the IdP-Initiated Login URL from the connection settings in the FundApps platform.

IdP-Initiated login is now configured for your FundApps connection.
